deep dive on active directory powershell mudassir ali software development engineer microsoft...
TRANSCRIPT
![Page 1: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/1.jpg)
Deep Dive on Active Directory PowerShell
Mudassir AliSoftware Development EngineerMicrosoft Corporation
SIA404
![Page 2: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/2.jpg)
Objectives and Takeaways
Objectives:Instill enthusiasm for something you might have otherwise ignoredShow you an easy way to start learning Active Directory PowerShell
Takeaways:… and to provide sufficient knowledge for you to continue on your own
![Page 3: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/3.jpg)
How’s this going to work?
Not many slidesLots o’ demos
Scenario-drivenInteractive
Q&A when you’ve got the “Q”
![Page 4: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/4.jpg)
Agenda
Why PowerShell?High-level Architecture of Active Directory PowerShellScenarios1. User logon taking a long time2. Update an attribute of user accounts3. User is experiencing intermittent logon failure4. Find out when is the user password expiring5. Monitor health summary of Active Directory forest
![Page 5: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/5.jpg)
demo
Active Directory Administrative Center (ADAC)
![Page 6: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/6.jpg)
Why PowerShell?
Past: Windows CMD shellLimited intrinsic capabilitiesRequired purpose-built external binaries to do more
Present: PowerShell Full .NET reachDiscoverability
New ‘module’-based architecture
Piping
![Page 7: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/7.jpg)
demo
Why PowerShell?
![Page 8: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/8.jpg)
High-level Architecture
![Page 9: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/9.jpg)
Scenario 1
User logon taking a long time across forests
![Page 10: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/10.jpg)
User logon is taking a long time across forestRole:
Active Directory administrator
Problem: User authentication is taking a long time across forests
Cause:The sites and subnets are not synchronized between forests
Solution: Synchronize the sites and subnets between forests
![Page 11: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/11.jpg)
demo
Synchronize sites and subnets between forests
![Page 12: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/12.jpg)
Scenario 2
Update an attribute of user accounts
![Page 13: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/13.jpg)
Update an attribute of user accounts
Role: Active Directory administrator
Problem: Company just moved3,712 user’s postal codes need to change
Solution: Active Directory PowerShell
![Page 14: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/14.jpg)
demo
Update an attribute of user accounts
![Page 15: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/15.jpg)
Pro tip: Increase cmdlet query timeout
Active Directory PowerShell cmdlet query is timing out
Go to the target Domain ControllerOpen the “%windir%\ADWS\Microsoft.ActiveDirectory.WebServices.exe.config” fileIncrease the “OperationTimeout” parameter value
More configuration values and their details at: http://technet.microsoft.com/en-us/library/dd391908(v=ws.10).aspx
Stop-Service ADWSStart-Service ADWS
![Page 16: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/16.jpg)
Scenario 3
Intermittent logon failures
![Page 17: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/17.jpg)
Intermittent logon failuresRole:
Active Directory support engineer
Problem: The user is getting intermittent logon failures
Cause:The user password is not synchronized between DCs
Solution: Ensure that the user password is synchronized
![Page 18: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/18.jpg)
demo
Intermittent logon failures
![Page 19: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/19.jpg)
Scenario 4
When is the user password expiring?
![Page 20: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/20.jpg)
When is the user password expiring
Role: Active Directory administrator
Problem: How to warn the user that their password is expiring
Solution: Active Directory PowerShell script
![Page 21: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/21.jpg)
demo
When is the user password expiring
![Page 22: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/22.jpg)
Scenario 5
Monitor replication health of an Active Directory forest
![Page 23: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/23.jpg)
Monitor replication health of a forest
Role: Active Directory administrator
Problem: What is the replication health of my forest
Solution: Active Directory PowerShell cmdlets to monitor the replication health
![Page 24: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/24.jpg)
demo
Monitor replication health of an Active Directory forest
![Page 25: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/25.jpg)
Pro tip: Send an email using PowerShell# Create the message parameters$messageParameters = @{ `
Subject = “Running processes - $((Get-Date).ToShortDateString())" `Body = Get-Process| ConvertTo-Html | Out-String `From = "[email protected]" `To = "[email protected]" `SmtpServer = "SmtpHost" }
# Send the mailSend-MailMessage @messageParameters -BodyAsHtml
![Page 26: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/26.jpg)
Takeaways & Resources
Sufficient knowledge for you to continue learning Active Directory PowerShell
Active Directory Administration with Windows PowerShell: http://technet.microsoft.com/en-us/library/dd378937(v=WS.10).aspx
Active Directory PowerShell blog: http://blogs.msdn.com/b/adpowershell/
Active Directory PowerShell: Installation using RSAT on Windows 7: http://blogs.msdn.com/b/adpowershell/archive/2009/03/24/active-directory-powershell-installation-using-rsat-on-windows-7.aspx
![Page 27: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/27.jpg)
Related Content
SIA312 – What is new in Active Directory in Windows Server 2012SIA341 – Windows Server 2012 Dynamic Access Control Deep Dive for Active Directory and Central Authorization PoliciesSIA317 - Active Directory Virtualization Safeguards and Domain Controller Cloning with Windows Server 2012
South Hall A TechExpo (Active Directory and Dynamic Access Control)
![Page 28: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/28.jpg)
SIA, WSV, and VIR Track Resources
Talk to our Experts at the TLC
#TE(sessioncode)
DOWNLOAD Windows Server 2012 Release Candidate
microsoft.com/windowsserverHands-On Labs
DOWNLOAD Windows Azure
Windowsazure.com/teched
![Page 29: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/29.jpg)
Resources
Connect. Share. Discuss.
http://northamerica.msteched.com
Learning
Microsoft Certification & Training Resources
www.microsoft.com/learning
TechNet
Resources for IT Professionals
http://microsoft.com/technet
Resources for Developers
http://microsoft.com/msdn
![Page 30: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/30.jpg)
Complete an evaluation on CommNet and enter to win!
![Page 31: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/31.jpg)
Please Complete an Evaluation Your feedback is important!
Multipleways to Evaluate Sessions
Scan the Tagto evaluate thissession now on myTechEd Mobile
![Page 32: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/32.jpg)
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to
be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS
PRESENTATION.
![Page 33: Deep Dive on Active Directory PowerShell Mudassir Ali Software Development Engineer Microsoft Corporation SIA404](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649da05503460f94a8b4fe/html5/thumbnails/33.jpg)